PT-2024-16628 · WordPress · Logo Slider

Dmitry Ignatyev · Published 2024-11-28 · Updated 2024-11-29 · CVE-2024-10896

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: Logo Slider WordPress plugin versions prior to 4.5.0

Description: The issue concerns the Logo Slider WordPress plugin, where versions before 4.5.0 do not properly sanitize and escape some of its logo and slider settings. This could allow users with high privileges, such as contributors, to perform stored Cross-Site Scripting attacks.

Recommendations: For versions prior to 4.5.0, update to version 4.5.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the logo and slider settings to minimize the risk of exploitation. Avoid using the vulnerable settings in the affected plugin until the issue is resolved.

Exploit

Fix

OS Command Injection

Weakness Enumeration

Related Identifiers: CVE-2024-10896

Affected Products: Logo Slider